Alden Bates' Weblog: Even better hotlink protection

Even better hotlink protection

I haven't been happy with previous methods I've been using for hotlink prevention, because usually they result in a broken graphic on the other site which, depending on the browser, may not be visible.

Method 1: If a user hits a graphic with a referrer from another site, they get a 403 error and an HTML error page. Drawback: this results in a broken image on the other page.

Method 2: If a user hits a graphic with a referrer from another site, they get an HTML page which includes the actual graphic in an <img> tag, and a "hosted by tetrap.com" message. Drawbacks: results in a broken image on the other page, and the hits are recorded as traffic in my server statistics.

So I decided to try a new method: If a user hits a graphic with a referrer from another site, they get a 100x100 black and white image which looks like this*:
[Error 304 graphic

That allows them to see instantly what the problem is instead of giving them a broken graphic with no indication as to why, and it still registers as a 403 error in my server statistics. I've achived this by using a Perl script for my error 403 page. It detects whether the user is trying to load a web page (in which case it gives them an HTMLerror page) or a graphic (in which case it gives them the graphic shown above. I think it's nifty. :)

* Except myspace.com users, who still get tubgirl. Bwahaha.

Posted May 25, 2006 9:26 PM

Comments

Any chance you are willing to share your perl and .htacdess code?
I'd dearly love to use it and would like to discuss using this approach to prevent off-site use of my cgi & pl scripts too!
Mike

Posted by: Mike | June 30, 2006 9:39 AM

I've made a new post with more details. :)

Posted by: Alden Bates | July 1, 2006 11:14 AM

Alden Bates' Weblog

Feigning normality since 1973

Even better hotlink protection

Comments

Post a comment


	Home : May 2006 Alden Bates' Weblog Feigning normality since 1973 « Liquor \| Main \| Interesting referrer spam » Even better hotlink protection Filed in: Website Management. I haven't been happy with previous methods I've been using for hotlink prevention, because usually they result in a broken graphic on the other site which, depending on the browser, may not be visible. Method 1: If a user hits a graphic with a referrer from another site, they get a 403 error and an HTML error page. Drawback: this results in a broken image on the other page. Method 2: If a user hits a graphic with a referrer from another site, they get an HTML page which includes the actual graphic in an <img> tag, and a "hosted by tetrap.com" message. Drawbacks: results in a broken image on the other page, and the hits are recorded as traffic in my server statistics. So I decided to try a new method: If a user hits a graphic with a referrer from another site, they get a 100x100 black and white image which looks like this: That allows them to see instantly what the problem is instead of giving them a broken graphic with no indication as to why, and it still registers as a 403 error in my server statistics. I've achived this by using a Perl script for my error 403 page. It detects whether the user is trying to load a web page (in which case it gives them an HTMLerror page) or a graphic (in which case it gives them the graphic shown above. I think it's nifty. :) Except myspace.com users, who still get tubgirl. Bwahaha. Posted May 25, 2006 9:26 PM Comments Any chance you are willing to share your perl and .htacdess code? I'd dearly love to use it and would like to discuss using this approach to prevent off-site use of my cgi & pl scripts too! Mike Posted by: Mike \| June 30, 2006 9:39 AM I've made a new post with more details. :) Posted by: Alden Bates \| July 1, 2006 11:14 AM Post a comment Name: Email Address: URL: Remember personal info? Comments: (you may use HTML tags for style)
Tetrap.com Site Map